Director, It Security & Compliance

Thursday, July 20, 2023
All companies under the Great Gulf umbrella are united by one simple goal: the pursuit of greatness. It’s achieved daily with the passion and dedication of every person who works tirelessly to make us great. If you have what it takes to make great things happen, apply today to join our team.
Job Title
Director, IT Security and Compliance
Department
IT Infrastructure
Reports To
CIO, Great Gulf Group
LOCATION:
351 King St E/Remote/ Hybrid
Travel Requirement
Up to 15% travel required
Summary
The Director, Security will help reduce security risks to the Great Gulf Group’s (GGG) systems, applications, assets, members, business processes, networks, etc., by enhancing the security risk framework methodology, scope, processes, supporting tooling and training. They will engage and align with technology and business partners to drive a comprehensive information security strategy and ensure information assets and technologies are appropriately implemented and protected. This position is a hands-on role that requires implementation of procedures, hardware as well as working with service providers and external stakeholders.
Key Responsibilities

• Identify, measure, control, and minimize security risks to information systems across a broad range of disciplines including application, network, and host security
• Supervise deployment of strong identity and access management (IDAM) controls across applications and computing environments
• Develop, test, and implement new cybersecurity-managed services and then train other IT staff to operationally support the solution(s)
• Review, maintain and develop IT and security governance structures, processes, & procedures to prevent security breaches, major incidents and non-compliance with regulatory requirements.
• Lead or participate in security risk related initiatives
• Manage risks and security issues that could impact the confidentiality, integrity, and/or availability of the business (both internally and externally) by assisting in documentation, tracking, and creating solutions for mitigation
• Review and update the company’s Cyber Security Training program
• Deploy and maintain security best practices across the Infrastructure and Applications
• Manages ongoing and new third-party assessments of security and compliance.
• Update and educate the executive team on current cyber threats, issues, and risks; provide regular status updates on initiatives and operations
• Oversee GGG’s security risk posture and exposure
• Other duties as assigned.
• Implements security incident response plans and serves as the response lead during incidents.

Communication/Influencing Others
The Director, IT Security and Compliance role will require interacting with department heads from across the Great Gulf Group, in order to assess technical requirements for the business and providing technical recommendations where required.
Education, Experience, And Qualifications

• Certifications such as CISSP, CISM or CRISC, ITIL V3/V4 are highly desirable
• Strong technical knowledge of Linux/Unix Platforms and Technologies, including Web Servers, Application Servers, and Databases
• Exposure with various security tools and methodologies, including network security, vulnerability management, vulnerability & penetration assessments, anti-malware, and endpoint security management.
• Advanced knowledge of security frameworks and regulations, such as PCI-DSS, PIPEDA, ITIL, NIST and ISO
• Strong technical knowledge of Microsoft Platforms and Technologies including Web Servers, Application Servers and Databases
• Ability to develop policies and procedures relating to IT/security governance and educate IT colleagues on governance and controls issues.
• Degree in a related discipline would be an asset (e.g., B.Eng. B.Sc., etc.)
• 10+ years of experience working in information security controls, information technology audit, or security risk management.
• Strong technical knowledge with Cloud Computing Environments
• Deep understanding of security best practices
• Strong technical knowledge of networking equipment, including wireless, switches, firewalls, etc.
• Excellent interpersonal, leadership and relationship-building skills to deal with senior levels of management, service providers and local and remote business partners

SUPERVISION & BUDGET AUTHORITY
N/A
PHYSICAL ENVIRONMENT
This position is a desk job. The applicant will have the choice of working from the office at 351 King St East, Toronto, or working from home with the occasional day at the office.
Physical Requirements
This position requires that the applicant be able to use a computer
Great Gulf is committed to providing a fair and equitable work environment and encourages applications from qualified women, men, visible minorities, aboriginal peoples and persons with disabilities. As per the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act (AODA), Great Gulf will accommodate the needs of applicants with disabilities throughout all stages of the selection process. If you need accommodation during the recruitment process, please advise Human Resources.
The Great Gulf Group (“GGG”) is committed to protecting the health and safety of our employees, our tradespeople and suppliers, and our customers and visitors. Employment with GGG is conditional upon you having received all required doses of a COVID-19 vaccine series approved by Health Canada at least 14 days prior to your start date. You must provide a copy of your Ministry of Health COVID-19 Vaccine Dose. If you have a medical reason, or any other reason pursuant to the Ontario Human Rights Code, for not being fully vaccinated now or in the future, you may submit a written request for accommodation with an explanation of the ground and/or any supporting documentation to assist in the determination of exemption from this condition.

• 351 King St E, Toronto, ON M5A 2W4, Canada